<?php
include_once('common/header.php');
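// Backend handler that creates (padminid == 0) or edits (padminid > 0) an admin account.
//
// Access gate: the caller must be logged in ($AppUI->id > 0) with $AppUI->type >= 1, and,
// when $_SESSION['admin'] is set, both permission bits 1<<1 and 1<<2 must be present.
// NOTE(review): when $_SESSION['admin'] is NOT set the bit check is skipped entirely, so the
// gate fails open on a missing key — confirm that is intended for the account types that reach here.
// NOTE(review): no anti-CSRF token check is visible in this script; confirm common/header.php
// enforces one, since this request creates/modifies privileged accounts.
if($AppUI->id <=0 || ($AppUI->id > 0 && $AppUI->type < 1) || isset($_SESSION['admin']) && (($_SESSION['admin']&1<<1)==0 || ($_SESSION['admin']&1<<2)==0)) {
	Vfriend_Function::redirect(HOST_BACKEND);
	// redirect() is defined elsewhere; stop here explicitly so an unauthorized request can
	// never fall through to the account-modifying code below if redirect() returns.
	exit;
}

// Numeric parameters are cast to int: the id is later concatenated into a redirect URL and
// compared loosely against 0, so it must not carry arbitrary request text.
$intAdminId			= (int) $objRequest->getParam('padminid', 0);
$strUsername 		= $objRequest->getParam('pusername', '');
$strPassword 		= $objRequest->getParam('ppassword', '');
$strPasswordConf 	= $objRequest->getParam('ppassword_confirm', '');
$strFullname 		= $objRequest->getParam('pfullname', '');
$intType			= (int) $objRequest->getParam('ptype', 0);
$intError			= 0;

// Validation. Each failing check overwrites $intError, so the code reported to the user is
// that of the LAST failing check, not the first.
if($intAdminId == 0) {
	// Username and password are mandatory only when creating a new account.
	// NOTE(review): on the edit path the username is passed to Admin::edit() without these
	// checks — confirm edit() ignores or validates it.
	if(trim($strUsername)=='') $intError = 4;
	if(!Vfriend_Function::isValidUsername($strUsername)) $intError = 5;
	if($strUsername != '' && (strlen($strUsername) < 5 || strlen($strUsername) > 30)) $intError = 6;
	if(trim($strPassword) == '') $intError = 7;
}
// On edit an empty password means "keep the current one"; a supplied one must pass these checks.
if($strPassword != '' && strlen($strPassword) < 5) $intError = 8;
if($strPassword != '' && $strPassword != $strPasswordConf) $intError = 9;

if($intError == 0) {
	if(isset($_SESSION['post'])) unset($_SESSION['post']);
	$objAdmin	= new Admin();
	// NOTE(review): unsalted MD5 is not suitable for password storage (fast to brute-force,
	// identical passwords hash identically). Moving to password_hash()/password_verify()
	// has to be done together with the login check and the Admin model, so the stored
	// format is left unchanged here.
	if($intAdminId == 0) {
		$intError = $objAdmin->add($AppUI->id, $strUsername, md5($strPassword), $strFullname, $intType);
		if($intError > 0) {
			// Shift the code returned by add() past the local validation codes (4-9).
			$intError += 9;
		}
		else {
			Vfriend_Function::setMsg($arrMessage[1]);
			Vfriend_Function::redirect(HOST_BACKEND . 'index/list');
		}
	} else {
		$strPassword = $strPassword != '' ? md5($strPassword) : '';
		$intError = $objAdmin->edit($AppUI->id, $intAdminId, $strUsername, $strPassword, $strFullname, $intType);
		if($intError > 0) {
			// Any failure from edit() is reported with the single code 12.
			$intError = 12;
		}
		else {
			Vfriend_Function::setMsg($arrMessage[2]);
			Vfriend_Function::redirect(HOST_BACKEND . 'index/list');
		}
	}
}

if($intError > 0) {
	// Keep the submitted values so the form can be refilled, but never persist the
	// plaintext password fields in the session store.
	$arrPost = $objRequest->getParams();
	if(is_array($arrPost)) {
		unset($arrPost['ppassword'], $arrPost['ppassword_confirm']);
	}
	$_SESSION['post'] = $arrPost;
	Vfriend_Function::setError($arrError[$intError]);
	if($intAdminId == 0) {
		Vfriend_Function::redirect(HOST_BACKEND . 'index/add');
	}
	else {
		// $intAdminId is an int at this point, so it is safe to append to the URL.
		Vfriend_Function::redirect(HOST_BACKEND . 'index/edit?adminid=' . $intAdminId);
	}
}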
?>